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DETAILED ACTION 

1 . A request for continued examination under 37 CFR 1.114, including the 
fee set forth In 37 CFR 1 .17(e), was filed in this application after allowance or 
after an Office action under Ex Parte Quayle, 25 USPQ 74, 453 O.G. 213 
(Comm'r Pat. 1935). Since this application is eligible for continued examination 
under 37 CFR 1 .1 14, and the fee set forth in 37 CFR 1 .17(e) has been timely 
paid, prosecution in this application has been reopened pursuant to 37 CFR 
1.1 14. Applicant's submission filed on June 30, 2006 has been entered. Claims 
1, 12, 13, 17, 23 and 27 have been amended. Claims 1-29 are pending. 



Response to Arguments 

2. Applicant contends that the cited prior art, Brown, does not teach "in an 
event that the session is no longer authenticated, persisting as a pending request 
at the sen/er, the request from the client" as recited in claim 1. Brown teaches 
that a query is made to verify whether the client has been authenticated before 
the request is processed. In the event the client is not authenticated, the server 
directs the client to a webpage where the client is to enter login information to be 
authenticated (see Brown [0029]). Brown further teaches that if the client is 
authenticated, a query is made to check if the session is still connected, if the 
session is connected, the server will process the request, if the session is not 

4 

connected, the client is directed to be autlienticated (see Brown, Fig. 4a, and 
page 3, [0029-0030]). Applicant recites "in an event that the session is 
subsequently re-authenticated, the sen/er processing the pending request". The 
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processing of the request that Applicant recites is after the client is authenticated. 
Therefore, Examiner is interpreting the request as process request directed to 
application server while in Brown the request that WAG received is a request for 
authentication, e.g. login. In Applicant's remark. Applicant stated, "when a 
request is submitted from the client to the server, the re-authentication system 
verifies that the session is secure. If the re-authentication system cannot verify 
that the session is secure, the system persists (e.g. saves or maintains) the 
request and directs the client to re-authenticate the session . When the client 
session is re-established, the re-authentication system directs the server to 
process the saved request, instead of requiring that the request be re-submitted 
from the client (Application, page 2, line 25-page 3, line 8). The portion where 
Applicant referring to in the Specification appears to refening the request as 
directed to request made to the application server, e.g. sending email message. 
Therefore, in light of this interpretation, Examiner is interpreting the request 
taught by Fig. 4a in Brown to be request to be authenticated when it is 
determined that the session has been expired.Since Brown clearly mentioned 
that if the client is authenticated and the session is not expired, the client is 
authorized to view website content according to the user's identity (Brown, 
[0030]). Applicant further contends that Kurowski's teaching of persisting the 
request is differs from the claimed invention. "Kurowski storing data locally, 
rather than transmitting the data because a networi< connection is down..." and 
the combination of Brown and Kurowski does not result in the claimed invention, 
(remark, page 14-15). Examiner respectfully disagrees. Brown teaches the 
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concept providing the user access to Internet e-mail through a web proxy server. 
Whenever the server receive request from the user, a query is made to 
determine whether the user is authenticated, if the user is authenticated, a query 
is made to determine whether the session is expired. In any event, the user is 
required to authenticate or re-authenticated in order to access to email sen/ice. 
While Applicant claims the novelty of the invention is persisting the request so 
that user's work would not be disrupted or lost when the user request can not be 
processed unless the user is re-authenticated, Kurowski teaches the concept of 
storing the user request for the task server in a persistent queue when the 
network is down in order to preserve the work (Kurowski, [0241] "keeping track of 
when the network connection is down, and then initiating the saving of data in the 
local disk for later sendng to the task server"'). The reason Kurowski is 
introduced is to show the well known concept of saving the information in file for 
later used so that user does not have to resubmitting the information again in the 
later time. 

Claim Rejections - 35 USC § 103 
3. The following is a quotation of 35 U.S.C. 103(a) which fornns the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 
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Claims 1-3, and 5-29 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Brown et al. (U.S. Patent Application Application (U.S. 
2003/0061288 A1, hereinafter Brown) in view of Kurowski et al. (U.S. Patent 
Publication No. 2002/0019844, hereinafter Kurowski) 

In respect to claim 1 , Brown discloses a method comprising: 
Establishing an authenticated session between a server and a client; 
receiving at the server, a request from the client; Detemnining whether the 
session is still authenticated (see Brown Fig. 4, and page 3, [0028] - [0030], ""a 
query is made whether user is authenticated. If not, a directive ...is sent back to 
the client"; "when the user is authenticated, a query is made as to whether the 
session is ended... if the session is still not ended, a server for the WAG 
transcoder farm queries user database for accessibility transforms to be applied 
for the requested device..."). Brown discloses directing the client to be 
authenticated in the event the client is not authenticated, but does not explicitly 
disclose persisting the client request as a pending request at the server. 
However, Kurowski discloses a persistent queue management subsystem is 
used for storing request from a client for the server when network is down (see 
Kurowski, [0208], "for some of the operations, the domain objects might depend 
on other subsystem that provide a persistence mechanism either to the local disk 
or to a server", [0241], "storing any command for task server in a persistent 
queue when the connection is down"). It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to implement the 
persistent queue for storing client request to the task server when connection is 
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down taught by Kurowski with the teaching of verifying if the client is 
authenticated before processing the request taught by Brown for the benefit of 
saving the worl< for the task server to be processed when connection is 
reestablished (see Kurowski, [0241]). 

In respect to claim 2, Brown and Kurowski disclose the method of claim 1 
wherein the determining comprises verifying an authentication token associated 
with the client (see Brown, page 2, [0021]). 

In respect to claim 3, Brown and Kurowski disclose the method of claim 2 
wherein the verifying comprises verifying that the authentication token has not 
timed out (see Brown, page 2, [0030]). 

In respect to claim 5, Brown and Kurowski disclose the method of claim 2 
wherein the authentication token is part of the request received from the client 
(see Brown, page 2 [0021]). 

In respect to claim 6, Brown and Kurowski disclose the method of claim 2 
wherein the authentication token is encrypted (see Brown, page 1, [0010]). 

In respect to claim 7, Brown and Kurowski disclose the method of claim 1 
wherein persisting the request comprises storing the request in a file (see 
Kurowski, page 18, [0241]). 
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In respect to claim 8, Brown and Kurowski disclose the method of claim 1 
wherein persisting the request comprises storing the request in a database (see 
Kurowski, page 18, [0241]). 

In respect to claim 9, Brown and Kurowski disclose the method of claim 1 
further comprising directing the client to authenticate the session (see Brown 3, 
[0029]). 

In respect to claim 10, Brown and Kurowski disclose the method of claim 9 
wherein directing the client to authenticate the session comprises: 

Directing the client to a login module; and directing the an address (see 
Brown, page 3, [0029]). 

In respect to claim 1 1 , Brown and Kurowski disclose the method of claim 
10 wherein the address associated with the pending request is a URL (see 
Kurowski, page 18, [0241]). 

In respect to claim 12, 13, 18, 22, 23, and 25-27, the claimed limitation are 
similar to claim 1. Therefore, claims 12, 13, 18, 22, 23 and 25-27 are rejected 
based on the similar rationale. 
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In respect to claim 14, Brown and Kurowski disclose the system of claim 
13 further comprising an authentication redirect generator configured to generate 
an instruction to redirect the client to obtain re-authorization (see Brown, piage 18 
[0029-0030], "A query... is made as to whether the user is authenticated. If not, a 
directive... is sent back to client device 10, typically in the fomi of a web page, 
requesting content for the user to log onto and/or register with the WAG services 
offered through proxy machine"). 

In respect to claims 15-17, claimed limitations are similar to claims 2, 11 
and 13. Therefore, claims 15-17 are rejected based on the similar rationale. 

In respect to claims 19 and 21, the claimed limitations are system claims 
that are similar to method claims 3 and 8. Therefore, claims 19 and 20 are 
rejected based on the similar rationale. 

In respect to claim 20, Brown and Kurowski disclose the system of claim 
18 wherein the authentication redirect generator is further configured to direct the 
client to access the requestg that is stored (see Brown, page 3, [0030]). 

In respect to claim 24, Brown and Kurowski do not disclose wherein the 
application server and the authentication entity are implemented as one server. 
However, having a central server performing authentication and processing user 
request is old and well known. It would have been obvious to one of ordinary 
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skill In the art at the tinae the invention was made to implement a central server 
for authentication and application purposes as a matter of design choices. 

In respect to claim 28, the claimed limitation is similar to claim 14. 
Therefore, claim 28 is rejected based on the similar rationale. 

In respect to claim 29, the claimed limitation is similar to claim 20. 
therefore, claim 20 is rejected based on the similar rationale. 

4. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Brown et al. (U.S. Patent Application Application (U.S. 2003/0061288 A1, 
hereinafter Brown) in view of Kurowski et al. (U.S. Patent Publication No. 
2002/0019844, hereinafter Kurowski) and further in view of Polizzi et al. (U.S. 
Patent No. 2002/0023122). 

In respect to claim 4, Brown and Kurowski disclose the method of claim 2. 
Brown and Kurowski do not disclose wherein the authentication token is a cookie 
stored by the client. However, Polizzi discloses cookies based authentication for 
web log in access (see Polizzi, page 10, [0074]). Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to 
implement cookie based authentication taught by Polizzi with Brown's 
authentication system and Kurowski's storing of persistent request for the benefit 
of authentication cookie cached in client's system while client is in session. 
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Conclusion 



5. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Tongoc Iran whose telephone number is 
(571) 272-3843. The examiner can normally be reached on 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Jacques Louis-Jacques can be reached on (571) 272- 
3962. The fax phone number for the organization where this application or 
proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 




